Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 7:  Practice Exam Answers

Previous Topic/Section
Answers to Questions 56-60
Previous Page
Pages in Current Topic/Section
1
Next Page
Answers to Questions 66-70
Next Topic/Section

Answers to Questions 61-65

61. What is true about hash functions?

A. They are proprietary

B. They are more secure than digital signature algorithms

C. They are faster than digital signature algorithms

D. They require 128 bit computing

Explanation: Since hash functions are generally faster than encryption or digital signature algorithms, it is typical to compute the digital signature or integrity check to some document by applying cryptographic processing to the document's hash value, which is small compared to the document itself.

Hash functions do not require 128bit computing. Also, they are not typically more secure than the public key encryption used for digital signatures, although digital signatures may use an encrypted hash value. Has functions are standardized, rather than proprietary. Common hash functions include MD-5 and SHA-1.

& Section 4.1.1: Hashing

 

62. What is true about digital digest?

A. It can be made public without revealing the contents of the original document

B. It cannot be made public

C. It allows the revealing of the contents of the document from which it is derived

D. It does not work well with time stamping service

Explanation: A digest can be made public without revealing the contents of the document from which it is derived. This is important in digital time stamping where, using hash functions, one can get a document time stamped without revealing its contents to the time stamping service.

& Section 4.1.1: Hashing

 

63. To protect the data while in transit on a network, what is used to identify errors and omissions in the information?

A. Hash total

B. Record sequence checking

C. Transmission error correction

D. Retransmission controls

Explanation: Hash totals - these identify errors and omissions in the information, A has algorithm provides a hexadecimal checksum of the data. This is stored in a record prior to transmission, and then sent to the remote computer with the data. The remote system can then compute the checksum, and if it agrees with the value that was calculated before transmission, the information arrived intact.

Record sequence checking would verify that records were received in the correct order, but not verify record contents. TCP-level techniques do not protect against alteration of data during transmission, since packets could potentially be inserted with altered information.

& Section 4.1.1: Hashing

 

64. Hash total uses an algorithm that provides a checksum of the data in ___________ format:

A. ASCII

B. Numerical

C. Unicode

D. Hexadecimal

Explanation: Hash totals - these identify errors and omissions in the information, A has algorithm provides a hexadecimal checksum of the data. This is stored in a record prior to transmission, and then sent to the remote computer with the data. The remote system can then compute the checksum, and if it agrees with the value that was calculated before transmission, the information arrived intact.

& Section 4.1.1: Hashing

 

65. A digitally signed message offers

A. Authentication of Origin

B. Integrity of Data

C. Non-Repudiation

D. Confidentiality

E. Access Control

Explanation: Signing a message does not mean the message IS encrypted. It is possible, but not MANDATORY. Without encryption, confidentiality is not offered.

Diffie-Hellman -- "The Diffie-Hellman variant described requires the recipient to have a certificate, but the originator may have a static key pair (with the public key placed in a certificate) or an ephemeral key pair. -- RFC 2631

& Section 4.2: Concepts of Using Cryptography


Previous Topic/Section
Answers to Questions 56-60
Previous Page
Pages in Current Topic/Section
1
Next Page
Answers to Questions 66-70
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.